Customers of the Bank of America branch at 3625 Fairfax Drive in Arlington, Virginia, often wonder about the Arlington police car that is always parked in front of the building in the next block.
They also can’t help but notice the two armed guards from the private Cantwell Security Service who patrol the street in front of the building and eye each passerby warily.
“What’s going on across the street?” one woman asked while waiting in line to deposit her paycheck last Friday.
“Not sure,” said the man ahead of her in line. “Something to do with the government. The police cars and guards have been there since shortly after 9-11.”
“Oh,” she said. “No matter.”
Actually, if the woman knew what was happening inside the nondescript office building at 3701 Fairfax Drive, she might think it really does matter because the building houses the Pentagon’s Defense Advanced Research Project Agency’s Total Information Awareness Program, the “big brother” program Congress thought it killed.
When the woman in line deposited her paycheck at the Bank of America branch, a record of that deposit showed up immediately in the computer databanks in the office across the street, just as financial, travel and other personal transactions of virtually every American do millions of time every minute.
Despite Congressional action cutting funding, and the resignation of the program’s controversial director, retired admiral John Poindexter, DARPA’s TIA program is alive and well and prying into the personal business of Americans 24 hours a day, seven days a week.
“When Congress cut the funding, the Pentagon – with administration approval – simply moved the program into a ‘black bag’ account,” says a security consultant who worked on the DARPA project. “Black bag programs don’t require Congressional approval and are exempt from traditional oversight.”
In addition, the super-secret National Security Agency, under an executive order signed by President Bush not long after September 11, 2001, began monitoring phone conversations and emails of American citizens even though the agency’s charter limits their activities to overseas communications.
DARPA also hired private contractors to fill many of the roles in the program, which helped evade detection by Congressional auditors. Using a private security firm like Cantwell, instead of the Federal Protective Service, helped keep TIA off the radar screen.
DARPA moved into the Arlington County building shortly after the September 11, 2001, attacks on the World Trade Center and the Pentagon and established the TIA project under the USA Patriot Act and a number of executive orders from President George W. Bush.
TIA’s mission was to build a giant computer database with real time access to bank records, credit card companies, airlines and other travel companies, credit bureaus and other data banks to monitor, in real time, the financial transactions and travel of Americans and foreign citizens with accounts at the institutions.
Under provisions of the USA Patriot Act, the banks and other companies were forced to allow DARPA to access their files, a move normally considered an invasion of privacy.
When news of TIA first surfaced in 2002, along with the appointment of Poindexter, a key-figure in the Iran-Contra scandal, as director, citizens’ watchdog groups and some members of Congress took a second look. The uproar that followed led to the resignation of Poindexter, who had lied to Congress during the Iran-Contra investigation, and the elimination of funding for TIA.
But Congress left the door open by supplying DARPA with research funding to develop data mining alternatives to TIA. Instead, the Bush administration instructed the Pentagon to move TIA into the convert area of black bag operations and Congress was cut out of the loop.
Lt. Col. Doug Dyer, a program manager for DARPA, defends TIA as a necessary sacrifice in the war on terrorism.
“Americans must trade some privacy for security,” he says. “Three thousand people died on 9/11. When you consider the potential effect of a terrorist attack against the privacy of an entire population, there has to be some trade-off.”
The trade off means virtually every financial transaction of every American is now recorded and monitored by the federal government. Any bank transaction, all credit card charges plus phone records, credit reports, travel and even health records are captured in real time by the DARPA computers.
“Basically, TIA builds a profile of every American who has a bank account, uses credit cards and has a credit record,” says security expert Allen Banks. “The profile establishes norms based on the person’s spending and travel habits. Then the system looks for patterns that break from the norms, such of purchases of materials that are considered likely for terrorist activity, travel to specific areas or a change in spending habits.”
Patterns that fit pre-defined criteria result in an investigative alert and the individual becomes a “person of interest” who is referred to the Department of Justice and Department of Homeland Security, Banks says.
Such data mining is also called “database profiling” and is prohibited under Fourth Amendment’s guarantee against invasion of privacy says Barry Steinhardt, director of the Technology and Liberty Program at the American Civil Liberties Union.
Steinhardt points out the information is already being used to create “no fly” lists of people who are thought to be a danger but that safeguards are not in place to insure the accuracy of the information.
“Once you get on a ‘no-fly’ list, how do you get off it?” Steinhardt asks.
Missouri Congressman William Clay, ranking minority member of the House Committee on Government Reform’s Subcommittee on Technology, Information Policy, and Intergovernmental Relations, worries that DARPA is skirting the law by letting private contractors handle the data mining.
“The agencies involved in data mining are trying to skirt the Privacy Act by claiming that they hold no data,” said Clay. Instead, they use private companies to maintain and sift through the data, he said.
“Technically, that gets them out from under the Privacy Act,” he said. “Ethically, it does not.”
When the Senate voted in 2003 to cut funding for TIA, Senators like Ron Wyden of Oregon thought they had put a stop to the problem.
“This makes it clear that Congress wants to make sure there is no snooping on law-abiding Americans,” Wyden said after the vote.
But it didn’t. The Bush Administration, already recognized as one of the most secretive Presidencies in modern times, simply put the program under wraps and let it continue.
When Congress voted to cut the funded, the operation at 3701 Fairfax Drive should have shut down and Arlington County should have returned the officers assigned there to normal duty. However, the officers remained in place and additional security was added to the detail.
According to construction records on file in the Arlington County building and zoning office, more than 20 high-speed data lines have been installed at the location in the last 18 months. Microwave data antennas are also installed on the roof.
Pentagon spokesmen refuse to discuss what is happening in the building, citing “national security” as the reason.
When quized about TIA earlier, DARPA officials insist they have safeguards to prevent abuses but the record suggests otherwise.
“Given the military’s legacy of privacy abuses, such vague assurances are cold comfort,” says Gene Healy, senior editor of the CATO Institute in Washington.
“During World War I, concerns about German saboteurs led to unrestrained domestic spying by U.S. Army intelligence operatives,” says Healy. “Army spies were given free reign to gather information on potential subversives, and were often empowered to make arrests as special police officers. Occasionally, they carried false identification as employees of public utilities to allow them, as the chief intelligence officer for the Western Department put it, ‘to enter offices or residences of suspects gracefully, and thereby obtain data.’”
In her book Army Surveillance in America, historian Joan M. Jensen noted, “What began as a system to protect the government from enemy agents became a vast surveillance system to watch civilians who violated no law but who objected to wartime policies or to the war itself.”
The Army’s recent debacle with treatment of Iraqi prisoners also suggests the American military system lacks either the ability or the restraint to police itself.
“There’s a long and troubling history of military surveillance in this country,” Healy adds. “That history suggests that we should loathe allowing the Pentagon access to our personal information.”
While TIA allows the government to snoop on American citizens, experts in the data mining field say it won’t help fight terrorism.
“Terrorism is an adaptive problem,” Herb Edelstein, president of data-mining company Two Crows. said in an interview published by Wired News. “It’s pretty unlikely the next terrorist attack will be people hijacking planes and crashing them into buildings.”
Other experts say the chances for mistakes are huge.
“The order of magnitude of errors from inferences is huge, something like ten to the third power,” Paul Hawken, author of The Ecology of Commerce and the chairman of information mapping software company Groxis, has said in interviews with other publications.
DARPA tried to interest Groxis in becoming part of the TIA project but the company declined, saying the project was neither feasible nor ethical. Hawken told Wired he knows people with the National Security Agency who refused to work on TIA because of ethical concerns.
The dangers of TIA have created a coalition of strange bedfellows. The American Civil Liberties Union has teamed up with conservative Phyllis Schlafly’s Eagle Forum and even the Heritage Foundation to fight not only TIA but other abuses of Constitutional rights under the USA Patriot Act. Even former member of Congress Bob Barr, a conservative firebrand, has joined the effort.
Yet even with all this attention, TIA still exists and still watches Americans 24/7 from the office building on Fairfax Drive in Arlington. Although employees who work in the building are supposed to keep their presence there a secret, they regularly sport their DARPA id badges around their necks when eating at restaurants near the building. The straps attached to the badges are printed with “DARPA” in large letters.
“Yeah, they’re the spooks who work in the building over there,” says Ernie, the counterman at a deli near 3701 Fairfax Drive. “If this is how they keep secrets, I guess we should really be worried.”